Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/YDKSVpqF2Mertm09mqmsaFNM2fk.roa
File: YDKSVpqF2Mertm09mqmsaFNM2fk.roa (raw, json)
Hash identifier: 23L+nNIoO8FmniaVWP7XKcxOl9MLxYiJ4OM8kocbokI=
Subject key identifier: 60:32:92:56:9A:85:D8:C7:AB:B6:6D:3D:9A:A9:AC:68:53:4C:D9:F9
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 0185714C0F9A567C1A8DC7EE96C7956C98BD
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/YDKSVpqF2Mertm09mqmsaFNM2fk.roa
Signing time: Mon 02 Jan 2023 07:04:48 +0000
ROA not before: Mon 02 Jan 2023 07:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199363
IP address blocks: 94.240.38.0/24 maxlen: 24
94.240.38.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:0f:9a:56:7c:1a:8d:c7:ee:96:c7:95:6c:98:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 2 07:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=603292569a85d8c7abb66d3d9aa9ac68534cd9f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:58:d8:a8:d8:49:a1:c4:68:7c:98:68:87:cc:
6d:ee:95:12:69:77:28:f5:6e:7c:9c:dd:3f:87:fe:
de:75:c3:ad:d2:25:b3:47:f8:2b:66:70:b7:e9:46:
92:64:1a:6d:87:13:6c:ef:75:0a:de:d2:84:79:a3:
b7:52:18:60:1f:5a:63:a6:16:16:ec:27:a0:e3:3d:
de:54:bd:f9:2c:ce:3d:46:83:cc:9f:7b:60:1e:fb:
cd:41:f2:e1:a2:28:ae:8b:4e:5a:a4:39:38:97:c8:
20:70:ad:2a:78:da:df:6f:b2:15:27:d6:31:95:2e:
bd:dd:db:99:af:59:33:37:45:8b:6e:cf:8f:bc:07:
79:d5:89:3f:45:12:02:95:0c:f9:9e:38:28:96:62:
fb:b7:07:3b:35:3d:6c:73:a8:f7:ff:8f:24:21:17:
d2:53:c5:5b:3b:76:f0:95:b3:21:a2:0f:7d:a8:43:
c6:15:d7:e5:59:c2:06:8b:75:36:2d:53:a7:97:cc:
5a:03:71:22:dd:74:22:62:35:81:2d:75:4d:c6:c7:
36:7f:97:4c:0b:ac:6b:5e:e3:e3:35:58:8a:e1:aa:
cb:83:d1:d8:60:06:f4:24:09:28:8c:95:0d:64:0e:
5a:38:0e:85:bc:ce:79:64:ff:66:97:f1:7c:a0:2c:
7c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:32:92:56:9A:85:D8:C7:AB:B6:6D:3D:9A:A9:AC:68:53:4C:D9:F9
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/YDKSVpqF2Mertm09mqmsaFNM2fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.240.38.0/23
Signature Algorithm: sha256WithRSAEncryption
46:67:58:43:42:e5:5d:5d:45:bf:40:f6:a3:b1:3c:04:84:a2:
ca:6f:9d:41:17:12:ae:19:2a:20:a1:0e:80:b2:0d:88:5f:ee:
07:da:03:b4:5c:88:84:b1:2c:56:45:28:74:3f:e4:3e:83:45:
51:6e:32:00:fa:e8:c7:74:2d:89:4a:56:5b:50:79:8b:a4:6e:
29:0c:d9:d2:c5:63:90:7c:75:66:10:3e:a5:10:cb:d7:8a:1f:
b9:22:03:78:6a:7e:f7:05:b3:fe:41:fd:6b:3a:58:f5:50:12:
1c:ac:25:84:45:1b:67:7f:34:1a:7f:7e:1d:ad:d3:33:f2:4c:
95:d9:14:6a:1e:3e:4d:96:f7:0c:b3:f2:ff:75:03:36:bf:56:
3b:d6:ae:af:5b:b9:70:ae:37:c3:43:de:33:84:e9:28:68:33:
f0:bb:eb:5a:c1:4e:e5:57:80:4b:d9:ed:9f:04:db:6b:92:c6:
1c:b4:d6:7a:de:a9:f0:fd:a3:4c:ae:f2:fc:d7:4c:c9:70:c9:
47:77:8c:c9:1b:b3:6d:07:41:59:4a:66:8a:4a:64:5a:c9:93:
f9:9e:98:43:71:00:3c:36:0b:6f:09:d9:fe:9c:64:3d:12:0b:
80:95:fd:cc:97:05:05:a9:40:9a:1c:7c:cc:e5:b4:ac:f8:dd:
5f:1f:fa:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxTA+aVnwajcfulseVbJi9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjMwMTAyMDcwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDMyOTI1NjlhODVkOGM3YWJiNjZkM2Q5YWE5YWM2ODUzNGNkOWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1jYqNhJocRofJhoh8xt7pUSaXco
9W58nN0/h/7edcOt0iWzR/grZnC36UaSZBpthxNs73UK3tKEeaO3UhhgH1pjphYW
7Ceg4z3eVL35LM49RoPMn3tgHvvNQfLhoiiui05apDk4l8ggcK0qeNrfb7IVJ9Yx
lS693duZr1kzN0WLbs+PvAd51Yk/RRIClQz5njgolmL7twc7NT1sc6j3/48kIRfS
U8VbO3bwlbMhog99qEPGFdflWcIGi3U2LVOnl8xaA3Ei3XQiYjWBLXVNxsc2f5dM
C6xrXuPjNViK4arLg9HYYAb0JAkojJUNZA5aOA6FvM55ZP9ml/F8oCx8ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGAyklaahdjHq7ZtPZqprGhTTNn5MB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvWURLU1ZwcUYyTWVydG0wOW1xbXNhRk5NMmZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXvAmMA0G
CSqGSIb3DQEBCwUAA4IBAQBGZ1hDQuVdXUW/QPajsTwEhKLKb51BFxKuGSogoQ6A
sg2IX+4H2gO0XIiEsSxWRSh0P+Q+g0VRbjIA+ujHdC2JSlZbUHmLpG4pDNnSxWOQ
fHVmED6lEMvXih+5IgN4an73BbP+Qf1rOlj1UBIcrCWERRtnfzQaf34drdMz8kyV
2RRqHj5NlvcMs/L/dQM2v1Y71q6vW7lwrjfDQ94zhOkoaDPwu+tawU7lV4BL2e2f
BNtrksYctNZ63qnw/aNMrvL810zJcMlHd4zJG7NtB0FZSmaKSmRayZP5nphDcQA8
NgtvCdn+nGQ9EguAlf3MlwUFqUCaHHzM5bSs+N1fH/p0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:12 2024 by rpki-client on console-ams.rpki-client.org